Users are prompted to log into their account, as if they have been logged out. This only seems to happen if you are already logged in. This is a PHISHING SITE and 2FA codes are being used to empty customer accounts. Withdrawals have since been suspended by LocalBitcoins.

We would like to inform that today 26.01.2019 at approximately 10:00:00 UTC, LocalBitcoins has detected a security vulnerability - an unauthorised source was able to access and send transactions from a number of affected accounts. Outgoing transactions were temporarily disabled while we investigated the case.

We were able to identify the problem, which was related to a feature powered by a third party software, and stop the attack. At the moment, we are determining the correct number of users affected - so far six cases have been confirmed. For security reasons, the forum feature has been disabled until further notice.

Outgoing transactions have already been re-enabled and we have taken a number of measures to address this issue and secure the limited number of accounts that might have been at risk.

Your LocalBitcoins accounts are currently safe to log in and use - we encourage you to enable Two-factor authentication, if you have not yet.

Another exchange attack. Bitcoin may be vulnerable from decrypting but its exchanges are not safe and it is vulnerable from hijacking or hacking it from someone. The problem now starts when a user has stored some of their crypto in the exchanges. Probably you are going to wake up one day losing all the crypto in the exchange wallet.

From the look of it, there have been few reports and the damage is not that big (or still not reported from the users yet). If that's the case and the team is as professional as they claim to be, they should reimburse the users. Just another reason on why you shouldn't keep your funds in exchanges by the way.

From the looks of it based on the discussions, it seems like the forum-side of LocalBitcoins was compromised and the hacker is using the login to phish the forum accounts, for the hacker to be able to withdraw the funds of the users. Hopefully it stopped here as the forum has been disabled. Not 100% sure though.

How long will this go on? Another cryptocurrency exchange has been cracked. Phishing, one of the most experienced viruses. I hope the team of the LOCALBITCOINS project will do everything to ensure that the cryptocurrency remains with the owners.

Not surprising, every year they hack the exchanges, just recently there was information about breaking into large crypto exchanges and selling verified user documents

As long as exchanges are around, hacks will happen whether we like it or not.

Looks like localbitcoins managed to shut this down pretty quickly after it started up actually, but the hackers still managed to make off with just shy of 8 BTC ($28,000) from 5 users (assuming that 1 address is the only address they used). Wonder if localbitcoins will compensate the users affected?

Once again, we have to wonder why users keep leaving large amounts of funds on exchanges. Say it with me now: Not your keys, not your bitcoin. Not your keys, not your bitcoin. Not your keys, not your bitcoin. Not your keys, not your bitcoin.

Localbitcoins.com was one among the best platforms that has got its service around the world. Quite often bitcoin fraudulent activities happen through localbitcoins. This time the same has taken place in large scale as more and more hackers have focused over the cryptocurrency network. Two years back I lost through a hack that was completely because of not enabling two factor authentication.

They should just compensate the stolen bitcoin in my opinion. While 8 BTC is definitely a lot for me, it's probably not that much for them when taking into account how much they're potentially earning. Compensating the stolen BTC would be a great PR move too.

I like localbitcoin and always thought it's a pretty good site, not that fancy but usability is totally there.

I hope a safer system will be in place to avoid this kind of scary hack.

It's the first time for LocalBitcoins as far as I know. From the hacker's point of view, getting past LocalBitcoins itself is probably difficult, hence the attacker went for the weaker link: the forum software. Correct me if I'm wrong, but the LocalBitcoins exchange itself and the LocalBitcoins forum have accounts that are connected; so the attacker took advantage of this. Quite smart really.

What about our personal information? Is it safe too, or did the attackers take it too?

This was a man-in-the-middle type attack on individual users' accounts, stealing their 2FA keys via the forum to log in to their LBC accounts and transfer out their funds. There was no hack on the main LBC wallets or databases, so your personal information won't be affected. I would encourage everyone, however, to think twice before performing KYC with any service online. Just because your documents weren't accessed with this attack, doesn't mean they won't be accessed in the future.

I once said that you need to store Bitcoin, namely, you knew about your cold wallets, but you used other exchanges.

You can't expect everything to be stored in cold wallets. They stole a very small number of coins and as long as the loss is small it can be reimbursed and won't affect the business that much. If you have 1000 Bitcoin on your platform it's natural that up to 10% will be in hot wallets but some businesses like that Korean exchange that was hacked had all of their money in hot wallets.

These hackers are becoming very sophisticated, I wouldn't be surprised if it was the same team behind the electrum wallet hack as it follows the same pattern of phishing for login details. Bad day for bitcoiners as localbitcoins is a good website.

Typical... you know that those bitcoins are in an Exchange because users want/need to trade right? (Apparently, obviously, surely, most of them got their "own" wallet) You can't easily use a Cold wallet that was buried 20-feet under a random area guided with a "X" on a map to buy a HYPEd shitcoin before it gets pumped.

If that's the case and the team is as professional as they claim to be, they should reimburse the users. Just another reason on why you shouldn't keep your funds in exchanges by the way.

I'm afraid that keeping most of the coins in a hot/cold wallet is not possible for someone who's day trading. Personally, I prefer keeping a higher exchange balance than in a cold wallet since highly-priced orders yield higher profit. Especially now that the price is on its (*typo edit) best buy, predictable low-liquidity and mostly everyone is expecting a rise.

Are there any more details about this third party software and what the vulnerability was exactly?

I read a couple articles about the attack and I was led to believe this was a DNS spoofing attack on the forum subdomain. It sounds like that's not actually the case?

I don't think they have given specific information about this matter as of now, but I don't think it's a DNS attack. But for what it looks like in my opinion, I'm personally leaning more on a javascript/XSS injection on the forum software. Probably something like: